Re: KVM_MEM_READONLY slot flag not working properly

[Lorenzo Susini]

Well I'm sorry but I didn't know IDT was marked as read only by Linux. If it is read only, how can you 

register any new interrupt handler? I guess it's a way of securing stuff against malicious attacks. 

I was taking for granted that the IDT was written when registering a new irq handler, 

given that when an interrupt is raised, the new specified handler has to be called 

and its address should be retrieved in some way, that is by storing it in the IDT.

I'm sorry, I'm a student and I'm trying to understand things, 

Thank you, 

Lorenzo

Il giorno gio 18 mar 2021 alle ore 18:04 Paolo Bonzini <pbonzini@redhat.com> ha scritto:

On 18/03/21 17:07, Laszlo Ersek wrote:
> However, when I try to register a new interrupt handler (for instance for
> the edu device, just to try it out), it works perfectly,
> meaning that the IDT is not really read-only. Do you have any idea why? Any
> suggestions on how to solve the problem?
> Of course I've also checked KVM_CAP_READONLY_MEM, no problem with that.

Sorry for asking a question that might be extremely stupid, but: did you
check that the guest is writing to the IDT?  For example Linux never
modifies the IDT when it runs, in fact it even makes it read only (check
out idt_setup_apic_and_irq_gates in arch/x86/kernel/idt.c).

Paolo